Tag: emerging threats
4579 articles

Trump Escalates Claims of Election Compromise Despite Debunked Evidence
The White House touted a prime-time speech as proof of foreign interference and widespread voter irregularities, but it fell flat, with critics calling it a dud. Despite claims of a bombshell, the declassified documents so far have failed to validate allegations of election compromise.

AI Spam Filters Vulnerable to Text Salting Attacks
Over 1 million retail-themed phishing emails have been detected using a sneaky technique called text salting to evade AI spam filters since April. This clever trick hides harmless words in malicious messages, fooling automated scanners but not the human eye.

China Builds Massive Supply Ship for Carrier Groups
China is building a massive supply ship that has caught the world's attention, particularly in the US, as it signals a new era of maritime power. This hulking vessel, rising from the shipyard on Longxue Island, is set to support China's carrier groups and challenge traditional naval dominance.

Pakistan Air Force Weighs J-35, Kızılelma as F-16 Alternatives
Baykar's Kızılelma UCAV just hit a major milestone, successfully test-firing a Roketsan JET-230 air-launched ballistic missile, further cementing its status as a cutting-edge, strike-capable drone. This latest achievement builds on last year's groundbreaking radar-guided air-to-air missile launch from the same platform.

Siemens ROX II Zero-Days Expose Critical Infrastructure Risks
Our research team, in close collaboration with Siemens, uncovered a critical vulnerability chain of three zero-day exploits in Siemens ROX II operational-technology switches, posing significant risks to critical infrastructure security. This chained exploit could allow attackers to escalate from basic reconnaissance to full root-level control.

23andMe Agrees to $18m Settlement, New Data Security Mandates
After cracking down on 23andMe's lax security measures, a coalition of 42 US attorneys general, led by New York Attorney General Letitia James, has secured an $18 million settlement and binding data-protection commitments to safeguard customer information. This move comes after a 2023 data breach put millions of 23andMe customers at risk of having their personal info exposed.

Ernst & Young Exposes Client Data in Third-Party Support System Hack
Ernst & Young suffered a data breach when hackers accessed a third-party support system, downloading sensitive client documents between March 28 and April 12. The breach was detected on April 23, prompting the company to alert affected clients and notify authorities.

Ransomware Targets Government Agencies Daily, Study Reveals
Government agencies are under attack, with ransomware hitting a staggering 187 organizations in just six months - that's one body disrupted every single day, on average. This alarming trend is up 13% from the previous half-year, leaving public services vulnerable and citizens at risk.

North Korean Hackers Exploit Coding Tests with Steganography-Laced Malware
North Korean hackers are targeting software developers with a sneaky malware attack, hiding steganography-laced payloads in coding tests to steal sensitive data and cryptocurrency. This latest campaign, tracked as REF9403, is just another example of the DPRK's relentless pursuit of valuable information.

Carders Seek 'Clean' Residential Proxies to Evade Fraud Controls
Criminals are on the hunt for so-called "clean" residential proxies, a new classification that's emerged in the underground world of payment fraud and carding. These proxies are prized for their spotless usage history, making them harder to detect and allowing scammers to evade fraud controls.

US Misidentifies Russian Hacker in Extradition Bid
A Russian man named Aleksandr Ermakov has been wrongly detained in an Armenian jail on a US extradition request, with his lawyers claiming he is not the REvil ransomware suspect the US is actually after. His family and lawyers are now racing against time to clear his name and prevent his deportation to the US.

Military Autonomy Spurs Race for Trusted Information Infrastructure
The future of military capability hinges on a robust trusted information infrastructure that seamlessly connects autonomous systems, enabling secure and efficient data exchange. This backbone of innovation is now driving Western defense plans and funding.

CISA Warns of Active Exploits Targeting FortiSandbox Flaws
Critical FortiSandbox flaws, CVE-2026-39808 and CVE-2026-25089, are under active attack by hackers, allowing them to execute malicious commands without needing login credentials. These severe vulnerabilities, scoring 9.1, require immediate attention to prevent devastating remote code execution attacks.

EU Orders Google to Open Android to Rival AI Assistants
Google is now required to open up Android to rival AI assistants, a move the company claims could compromise device security by giving external apps sensitive permissions. The European Commission's order, made under the Digital Markets Act, forces Google to grant third-party AI assistants access to Android sensors and system features.

GoSerpent Malware Targets Southeast Asian Governments for Espionage
A stealthy cyber threat, known as GoSerpent, has been secretly targeting Southeast Asian governments and diplomats since late 2025, with the goal of gathering sensitive intelligence. This sophisticated malware has been evolving, with a new set of malicious tools deployed as recently as May 2026.

Windows Zero-Day Exploit LegacyHive Grants Hackers Admin Privileges
A security researcher, known as Nightmare Eclipse, has uncovered a new Windows zero-day exploit called LegacyHive, which can grant hackers admin privileges with just a few simple steps and some standard user credentials. This alarming vulnerability targets the Windows User Profile Service, putting users at risk of serious security breaches.

ACR Stealer Exploits ClickFix Lures to Target Microsoft 365 Files
Microsoft's Defender Experts team uncovered a sneaky ACR Stealer campaign that uses ClickFix lures to swipe sensitive Microsoft 365 files, browser passwords, and authentication tokens from unsuspecting users. This stealthy attack leaves enterprise environments vulnerable, with stolen data including PDFs, synced OneDrive and SharePoint folders, and more.

CISA Orders Emergency Patch for Exploited Fortinet Vulnerabilities
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive requiring federal agencies to patch or mitigate two critical Fortinet vulnerabilities within a tight three-day window, underscoring the severity of these flaws. This urgent action follows the discovery of a critical OS command injection vulnerability in FortiSandbox, allowing attackers to execute unauthorized code or commands.

Windows Server 2022 Approaches End of Mainstream Support
Mark your calendars: Windows Server 2022 will reach the end of its mainstream support on October 13, 2026, after which it will transition into extended support, still receiving security updates through October 14, 2031.

Google scrambles to fix Android bug that lets Gemini bypass lock screen security
Google is racing to squash a newly discovered Android bug that allows sneaky users to bypass lock screen security and send SMS or WhatsApp messages using Gemini, all without entering the device PIN. A fix has already been implemented and is set to roll out this week.

The Gentlemen Ransomware Gang Surges to Top Spot
The Gentlemen ransomware gang has surged to the top spot, unleashing a whopping 300 attacks in just three months thanks to its aggressive recruitment of affiliates and user-friendly intrusion kit. This makes them the most active ransomware group, outpacing even the notorious Qilin affiliate operation.

US Prosecutors Charge Two in $43 Million Investment Fraud Laundering Scheme
For nearly two years, Zhuoying Chen and Haojie Zhang allegedly masterminded a brazen $43 million investment fraud laundering scheme, preying on innocent victims and funneling their life savings into bank accounts in China. The sophisticated network, involving over a dozen people, was recently dismantled by US authorities.

CISA Warns of Actively Exploited Fortinet Flaws
The US Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm on actively exploited Fortinet flaws, warning federal agencies to patch two vulnerabilities in the Fortinet FortiSandbox platform by July 19 to avoid potential breaches. Don't wait - prioritize patching to protect your systems from exploitation.

CISA Flags Exploited SharePoint Zero-Day Vulnerability
Don't wait until it's too late: Federal agencies have until July 19, 2026, to patch a critical Microsoft SharePoint Server vulnerability, CVE-2026-58644, that's already being exploited by hackers to execute malicious code remotely. This high-severity flaw, with a CVSS score of 9.8, could allow attackers to take control of your SharePoint Server if left unpatched.